Zack Whittaker

Security Editor, TechCrunch

Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849. He can also be reached by email at zack.whittaker@techcrunch.com.

Zack Whittaker

Latest from Zack Whittaker

Featured Article

Change Healthcare confirms ransomware hackers stole medical records on a ‘substantial proportion’ of Americans

The February ransomware attack on UHG-owned Change Healthcare stands as one of the largest-ever known digital thefts of U.S. medical records.

18 hours ago
Change Healthcare confirms ransomware hackers stole medical records on a ‘substantial proportion’ of Americans

CDK said it “does not have an estimated time frame” for recovery, as car dealerships and auto shops face continued outages.

US car dealerships face ongoing outage after CDK cyberattacks

TechCrunch has learned that the arrested hacker is the alleged leader of the group that masterminded the Twilio hacks in 2022.

UK national accused of hacking dozens of US companies arrested in Spain

The security firm said the attacks targeting Snowflake customers is “ongoing,” suggesting the number of affected companies may rise.

Mandiant says hackers stole a ‘significant volume of data’ from Snowflake customers

Featured Article

What Snowflake isn’t saying about its customer data breaches

As another Snowflake customer confirms a data breach, the cloud data company says its position “remains unchanged.”

6:40 pm PDT • June 7, 2024
What Snowflake isn’t saying about its customer data breaches

Snowflake is the latest company in a string of high-profile security incidents and sizable data breaches caused by the lack of MFA.

Hundreds of Snowflake customer passwords found online are linked to info-stealing malware

Featured Article

Live Nation confirms Ticketmaster was hacked, says personal information stolen in data breach

Live Nation says its Ticketmaster subsidiary was hacked. A hacker claims to be selling 560 million customer records.

3:13 pm PDT • May 31, 2024
Live Nation confirms Ticketmaster was hacked, says personal information stolen in data breach

Check Point is the latest security vendor to fix a vulnerability in its technology, which it sells to companies to protect their networks.

Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit

The spyware maker’s founder, Bryan Fleming, said pcTattletale is “out of business and completely done,” following a data breach.

Spyware maker pcTattletale says it’s ‘out of business’ and shuts down after data breach

pcTattletale’s website was briefly defaced and contained links containing files from the spyware maker’s servers, before going offline.

Spyware app pcTattletale was hacked and its website defaced

About half a million patients have been notified so far, but the number of affected individuals is likely far higher.

US pharma giant Cencora says Americans’ health information stolen in data breach

Featured Article

Spyware found on US hotel check-in computers

Several hotel check-in computers are running a remote access app, which is leaking screenshots of guest information to the internet.

11:05 am PDT • May 22, 2024
Spyware found on US hotel check-in computers

Featured Article

Two Santa Cruz students uncover security bug that let anyone do their laundry for free

CSC ServiceWorks provides laundry machines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.

9:05 am PDT • May 17, 2024
Two Santa Cruz students uncover security bug that let anyone do their laundry for free

Featured Article

‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts

Estate is an invite-only website that has helped hundreds of attackers make thousands of phone calls aimed at stealing account passcodes, according to its leaked database.

5:05 am PDT • May 13, 2024
‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts

The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a second data spill in as many years. The…

US Patent and Trademark Office confirms another leak of filers’ address data

U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network. In a filing with regulators on Tuesday, the Philadelphia-based…

Brandywine Realty Trust says data stolen in ransomware attack

UnitedHealth’s CEO said in congressional testimony that the portal used by the hackers to break into Change Healthcare was not protected with a basic security feature.

Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO

Kaiser, one of the largest healthcare organizations in the United States, said it was notifying 13.4 million members of a data breach earlier in April.

Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers

Featured Article

Security bugs in popular phone-tracking app iSharing exposed users’ precise locations

The location-sharing app iSharing, which has 35 million users, fixed vulnerabilities that exposed users’ personal information and precise location data.

7:01 am PDT • April 24, 2024
Security bugs in popular phone-tracking app iSharing exposed users’ precise locations

Featured Article

UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’

The health tech giant processes 15 billion health transactions a year, and handles health information for about half of all Americans.

3:35 pm PDT • April 22, 2024
UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’

CISA said Chirp Systems ignored the federal agency and the reporting security researcher.

US government downgrades bug in Chirp Systems app that contained hardcoded password

House and Senate lawmakers passed a bill reauthorizing the controversial Section 702 powers under FISA, which allows U.S. spy agencies to conduct warrantless searches of Americans’ communications.

Lawmakers vote to reauthorize US spying law that critics say expands government surveillance

Featured Article

Your Android phone could have stalkerware — here’s how to remove it

This simple guide helps you identify and remove common consumer-grade spyware apps from your Android phone.

2:15 pm PDT • April 19, 2024
Your Android phone could have stalkerware — here’s how to remove it

Featured Article

Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist

The hackers say they have stolen 5.3 million records from the World-Check database, used by companies and banks for screening potential customers.

10:05 am PDT • April 18, 2024
Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist

Organizations are urged to patch their Palo Alto firewalls after researchers discover evidence of malicious exploitation dating back to late March.

Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies

A ransomware gang called Daixin has taken credit for the breach, and claimed to steal millions of customer records dating back to 2017.

Omni Hotels says customers’ personal data stolen in ransomware attack

This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.

Change Healthcare stolen patient data leaked by ransomware gang

Spyware makers are reportedly working on targeting individuals with stealthy data-stealing malware using online banner ads.

Government spyware is another reason to use an ad blocker

Roku said it discovered malicious hackers compromised more than half a million user accounts while investigating an earlier spate of account hacks.

Roku says 576,000 user accounts hacked after second security incident

Founded in 1973, the Washington DC-based Heritage Foundation and supports and lobbies on conservative issues.

US think tank Heritage Foundation hit by cyberattack